Win 7 Defender

March 23rd, 2010
Home » Rogue Antispyware » Win 7 Defender
Repair and protect your computer easily. Download Win 7 Defender removal tool  

Win 7 Defender description

Win 7 Defender is a parasite which comes from a family of other rogues related to XP Defender Pro. With the aid of trojan infections, spam emails and various web pages it tends to be affiliated one can easily fall victim to this fraudulent application. Once installed, it will display fake system security threats and then will prompt program to remove security issues that don’t even exist.

Win 7 Defender is designed to pilfer money from unwary computer users. We highly suggest you do not purchase this registered version of Win 7 Defender application, because it is malicious and can’t process any security service. In fact, if you pay money for this bogus system, you’ll get only more parasites. That is the reason, why you shouldn’t trust any information shown by this malware. Use decent anti-spyware application and terminate Win 7 Defender.

Manual Win 7 Defender Removal


Win 7 Defender processes:

av.exe
ave.exe
Help: A Guideline of Killing Malicious Processes


Win 7 Defender registry values:

HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\.exe\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_CLASSES_ROOT\secfile\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%1? %*
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%Program Files%\Mozilla Firefox\firefox.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%Program Files%\Mozilla Firefox\firefox.exe” -safe-mode
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command “(Default)” = “%UserProfile%\Local Settings\Application Data\ave.exe” /START “%Program Files%\Internet Explorer\iexplore.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “AntiVirusOverride” = “1?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center “FirewallOverride” = “1?
Help: How to edit windows registry entries


Other malicious Win 7 Defender files:

%UserProfile%\AppData\Local\av.exe
%UserProfile%\AppData\Local\ave.exe

The manual removal of files and registries should be performed by experienced users. A system can be badly affected if any error is done during the manual removal. We recommend using automatic removal tools to delete Win 7 Defender, if you are not familiar with deleting malware manually.

Tags:

Leave a Reply